Major_Tom 8e762199b0 vauth/cleartext: fix theoretical integer overflow ... Fix theoretical integer overflow in Curl_auth_create_plain_message. The security impact of the overflow was discussed on hackerone. We agreed this is more of a theoretical vulnerability, as the integer overflow would only be triggerable on systems using 32-bits size_t with over 4GB of available memory space for the process. Closes #5391		2020-05-14 08:36:35 +02:00
..
cleartext.c	vauth/cleartext: fix theoretical integer overflow	2020-05-14 08:36:35 +02:00
cram.c	copyrights: fix copyright year range	2019-11-08 14:51:42 +01:00
digest.c	md5/sha256: Updated the functions to allow non-string data to be hashed	2020-02-23 07:50:33 +00:00
digest.h	copyrights: fix copyright year range	2019-11-08 14:51:42 +01:00
digest_sspi.c	*_sspi: fix bad uses of CURLE_NOT_BUILT_IN	2020-05-08 08:37:56 +02:00
krb5_gssapi.c	vauth: Use CURLE_AUTH_ERROR for auth function errors	2019-08-14 03:14:01 -04:00
krb5_sspi.c	*_sspi: fix bad uses of CURLE_NOT_BUILT_IN	2020-05-08 08:37:56 +02:00
ntlm.c	ntlm: Removed the dependency on the TLS libaries when using MD5	2020-02-23 07:52:19 +00:00
ntlm.h	vauth/ntlm.h: fix the #ifdef header guard	2018-03-20 15:00:09 +01:00
ntlm_sspi.c	ntlm_sspi: fix bad use of CURLE_NOT_BUILT_IN	2020-05-07 12:58:57 +02:00
oauth2.c	pingpong: disable more when no pingpong enabled	2019-05-13 08:17:10 +02:00
spnego_gssapi.c	vauth: return CURLE_AUTH_ERROR on gss_init_sec_context() failure	2019-08-26 13:43:21 +02:00
spnego_sspi.c	*_sspi: fix bad uses of CURLE_NOT_BUILT_IN	2020-05-08 08:37:56 +02:00
vauth.c	vauth: Fix incorrect function description for Curl_auth_user_contains_domain()	2019-05-10 22:12:03 +01:00
vauth.h	vauth: The parameter 'status' must be surrounded by parentheses	2019-09-23 22:44:01 +02:00